ICANN/DNSO
DNSO Mailling lists archives

[registrars]


<<< Chronological Index >>>    <<< Thread Index >>>

[registrars] Transfer Misc Question


Under the current policy a domain name is locked for 60 days after
registration to allow the registrar to secure payment. However, there is no
similar provision in the case of transfers. In more than one instance
involving domain name hijacking/theft, I have seen a domain name get
transferred through multiple registrars then deleted and re-registered in an
attempt to launder a domain name within a couple of days. Why under the
proposed policy is it not permissible for a registrar to lock a domain name
on transfer since there is a payment which the registrar must verify for the
one additional year that the gaining registrar is billed by the registry. In
addition, by locking down a domain name after transfer it would limit the
ability of bad guys to launder domain names through multiple registrars.

I believe that several registrars have implemented a similar policy to cut
down on fraud, and I was wondering why this mechanism not be incorporated
into the transfer policy, at least on a voluntary basis. I am not requesting
that registries modify their software to incorporate this safeguard.
However, I believe registrars should not be prohibited from incorporating
this safeguard voluntarily.

Although this scenario at first blush might possibly qualify under the fraud
and payment exception of Point 16, in the case of domain name
theft/hi-jacking the domain name is generally in and out of a registrar's
system within a day or two. This brief period of time is not adequate enough
for a registrar to identify a possible problem and halt the transfer. What I
am basically proposing is that registrars be permitted to incorporate a
"cool down" period after a transfer to guarantee payment and ensure that
there is no fraud.

One would have to admit that if it reasonable for a domain name registrant
to stick with one registrar for 60 days after registering a domain name, it
is not unreasonable to ask that registrant to stick with a domain name
registrar for brief period of time to identify any potential illegal
activity. Moreover, would people not find it highly irregular for a domain
name registrant wanting to transfer-out after just transferring in.
Obviously this voluntary policy would not prohibit registrars from remedying
transfers that were made in error or illegally. In fact this transfer's cool
down period is design to make such remedial actions much more easier as the
number of registrars involved in limited to two.

Any thoughts?

Mike




<<< Chronological Index >>>    <<< Thread Index >>>